Microsoft software bug linked to "Duqu" virus

Reuters Staff

2 Min Read

A worker prepares the logo on the Microsoft stand on the CeBIT computer fair in Hanover February 26, 2011. The world's largest IT fair CeBIT opens its doors on March 1 and runs through March 5. REUTERS/Tobias Schwarz

(Reuters) - Microsoft Corp said hackers exploited a previously unknown bug in its Windows operating system to infect computers with the Duqu virus, which some security experts say could be the next big cyber threat.

“We are working diligently to address this issue and will release a security update for customers,” Microsoft said on Tuesday in a short statement.

News of Duqu surfaced in October when security software maker Symantec Corp said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malicious software believed to have wreaked havoc on Iran’s nuclear program.

Government and private investigators around the world are racing to unlock the secret of Duqu, with early analysis suggesting that it was developed by sophisticated hackers to help lay the groundwork for attacks on critical infrastructure such as power plants, oil refineries and pipelines.

Details on how Duqu got onto infected machines emerged for the first time on Tuesday as Microsoft disclosed its link to the infection.

If a recipient opened the Word document and infected the PC, the attacker could take control of the machine and reach into an organization’s network to propagate itself and hunt for data, Symantec researcher Kevin Haley told Reuters.

He said some of the source code used in Duqu was also used in Stuxnet, a cyber weapon believed to have crippled centrifuges that Iran uses to enrich uranium.

That suggests that the attackers behind Stuxnet either gave that code to the developers of Duqu, allowed it to be stolen, or are the same people who built Duqu, Haley said.